Malicious code in sudo-yaml-virtualize-encode-pi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 472230c24a499cc530e4f6f10d962aeb1fe1c8006af18fb249913614d62012a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in arcturus-nuxtjs-cordelia-run-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48ed828d4efc8fa57e88ad8c077f137feda533b4d5525b0a6eac490f310ff99b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in speleology-pipe-pino-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc12667834e75d07b49fcd90c909c4159cb87514b0d23ee6ae4ae93afb1756b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in biosignature-nestjs-publish-morgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d5da20f5f3da9d3423c88e9820644cae1a1723c0ef22e66931bde9716ccd67f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in chalk-mira-procyon-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0669f795188c9df9f20c3ef0e98834b88a8aa721162b82698be48039ae152568 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185830 Malicious code in biosignature-jasmine-solis-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b6320a51a6ff5ec4676483ba7f9cfb24e153d3e1ac3ff03e68da55a92a0610f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187132 Malicious code in geckodriver-slidev-protractor-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29689121273e19b8aee711456742cc62e141bbd4ed84456d5dac711fc1273ca0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189872 Malicious code in terser-webpack-plugin-centaurus-version-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3c5c34ad44ac941803db664d6a785fac2fd342500558c1c26e98ba07c786178 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185615 Malicious code in async-css-minimizer-webpack-plugin-heka-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33b0f9fca81fca86a14b33c7bfac2d72987607fea039001a9568eff34c879063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187520 Malicious code in io-cordelia-meteor-filament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37bb443e8b535dc59175b1ef8d7eb72d284f31f0b56ff72943312cddcb025736 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186370 Malicious code in cressida-prettier-plugin-markdown-pulsar-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b47904204a0330a6ee88de485827845d0e3e0d640f5d1de7eda6c95644ce085d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188149 Malicious code in multiverse-terser-webpack-plugin-vulcan-redgiant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3baa1735030fec28c869f9415dedd3770acbed82aa70c4034145b69388e3ca53 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188687 Malicious code in photon-darkenergy-mocha-terraforming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6ce42babb790cecb786467b5307818ca1b0a573a280616ec3b158591c55da0b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188790 Malicious code in postgres-procyon-nextjs-nuxtjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e02623bc5d8858a0fa2b9d6b055451f4e014ae45fe30ff2456826691658198 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186993 Malicious code in firebase-selenology-blitz-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba84248994554254847bbbe7d4d7c2dffadaba57bdad95b53540b7220944baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188689 Malicious code in photon-sqlite-package-archaeoastronomy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7150a4433d6efb75ad9b3eccd02dca44b0b9102a6d9f95e0b94c56084c9e6b15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187841 Malicious code in local-terser-postcss-loader-eventhoriz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34b65bfa47dbfe04c6f4b072ca313e3d49adb15a955a7b43a2c1fe3e2dee460c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188793 Malicious code in postgres-soap-apex-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b86a98a2d226d8686f0c0bfd665e59b9bb161862d45d5139f58b48ca662cedd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185646 Malicious code in augmentedreality-vega-chai-cosmogenic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf9a20ca3eecb8f7b255ef5dd875b8d3a8cc3efd66543789eae137aa9f0f5837 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188278 Malicious code in nightmare-start-meteor-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01f618ccad5555d0a076b5f790e8c22ef5540f29809db86a35b06261b90dc6c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...